Microsoft MS-102 Übungsprüfungen
Zuletzt aktualisiert am 22.05.2025 - Prüfungscode: MS-102
- Prüfungsname: Microsoft 365 Administrator
- Zertifizierungsanbieter: Microsoft
- Zuletzt aktualisiert am: 22.05.2025
HOTSPOT
You have a Microsoft 365 E5 subscription that contains a Microsoft SharePoint site named Sitel.
You need to perform the following tasks:
• Create a sensitive info type named SIT1 based on a regular expression.
• Add a watermark to all new documents that are matched by SIT1.
Which two settings should you use in the Microsoft Purview compliance portal? To answer, select the appropriate settings in the answer area. NOTE: Each correct selection is worth one point.
You have a Microsoft 365 tenant that contains 500 Windows 10 devices and a Microsoft Endpoint Manager device compliance policy.
You need to ensure that only devices marked as compliant can access Microsoft Office 365 apps.
Which policy type should you configure?
- A . conditional access
- B . account protection
- C . attack surface reduction (ASR)
- D . Endpoint detection and response
You have a Microsoft 365 E5 tenant that has sensitivity label support enabled for Microsoft and SharePoint Online.
You need to enable unified labeling for Microsoft 365 groups.
Which cmdlet should you run?
- A . set-unifiedGroup
- B . Set-Labelpolicy
- C . Execute-AzureAdLebelSync
- D . Add-UnifiedGroupLinks
You have a Microsoft 365 tenant.
Company policy requires that all Windows 10 devices meet the following minimum requirements:
Require complex passwords.
Require the encryption of data storage devices.
Have Microsoft Defender Antivirus real-time protection enabled.
You need to prevent devices that do not meet the requirements from accessing resources in the tenant.
Which two components should you create? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
- A . a configuration policy
- B . a compliance policy
- C . a security baseline profile
- D . a conditional access policy
- E . a configuration profile
HOTSPOT
You have a Microsoft 365 E5 subscription that contains the users shown in the following table.
Each user has an Android device with the Microsoft Authenticator app installed and has set up phone sign-in.
The subscription has the following Conditional Access policy:
• Name: Policy1
• Assignments
o Users and groups: Group1, Group2
o Cloud apps or actions: All cloud apps
• Access controls
o Grant Require multi-factor authentication
• Enable policy: On
From Microsoft Authenticator settings for the subscription, the Enable and Target settings are configured as shown in the exhibit. (Click the Exhibit tab.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
HOTSPOT
You have a Microsoft 365 subscription that uses a domain name of adatum.com.
In Microsoft Entra ID. you set Guest invite restrictions to Only users assigned to specific admin roles can invite guest users.
A user named used@adatum.corn reports that they can no longer invite external users from a domain namedcontoso.com to collaborate in Microsoft Teams.
You need to modify the Microsoft Entra ID configuration to meet the following requirements:
• Ensure that User1 can invite the contoso.com users to Teams
• Ensure that only the contoso.com users can be invited as guests to the Microsoft Entra tenant.
• Follow the principle of least privilege
What should you do for each requirement‘ To answer, select the appropriate options in the answer area.
You have a Microsoft 365 E5 subscription.
You need to be alerted when Microsoft 365 Defender detects high-severity incidents.
What should you use?
- A . a custom detection rule
- B . a threat policy
- C . an alert policy
- D . a notification rule
HOTSPOT
You have a Microsoft 365 E5 subscription.
You have an Azure AD tenant named contoso.com that contains the following users:
• Admin1
• Admin2
• User1
Contoso.com contains an administrative unit named AIM that has no role assignments. User1 is a member of AU1. You create an administrative unit named AU2 that does NOT have any members or role assignments.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
You need to configure just in time access to meet the technical requirements.
What should you use?
- A . entitlement management
- B . Azure AD Privileged Identity Management (PIM)
- C . access reviews
- D . Azure AD Identity Protection
HOTSPOT
Your company has a Azure AD tenant named comoso.onmicrosoft.com that contains the users shown in the following table.
You need to identify which users can perform the following administrative tasks:
• Reset the password of User4.
• Modify the value for the manager attribute of User4.
Which users should you identify for each task? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
